CVE-2020-35756 Explained : Impact and Mitigation

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices where a luci_service GETPASS Configuration Password Information Leak allows unauthorized access to the device configuration password.

Understanding CVE-2020-35756

This CVE identifies a vulnerability in Libre Wireless LS9 LS1.5/p7040 devices that exposes the device configuration password.

What is CVE-2020-35756?

The luci_service daemon on port 7777 does not require authentication, enabling anyone with access to the port to retrieve the device configuration password in cleartext using the GETPASS command.

The Impact of CVE-2020-35756

This vulnerability allows unauthorized individuals to obtain the user's personal device configuration password, compromising device security and user privacy.

Technical Details of CVE-2020-35756

This section provides more technical insights into the vulnerability.

Vulnerability Description

The luci_service daemon on Libre Wireless LS9 LS1.5/p7040 devices leaks the device configuration password in cleartext via the GETPASS command without requiring authentication.

Affected Systems and Versions

Affected System: Libre Wireless LS9 LS1.5/p7040 devices
Vulnerable Version: Not specified

Exploitation Mechanism

Unauthorized individuals can access port 7777 on the device and retrieve the device configuration password using the GETPASS command.

Mitigation and Prevention

Protecting against and addressing the CVE-2020-35756 vulnerability.

Immediate Steps to Take

Disable or restrict access to port 7777 on the device to prevent unauthorized retrieval of the configuration password.
Implement network segmentation to limit access to sensitive ports.

Long-Term Security Practices

Regularly monitor and update device firmware to patch known vulnerabilities.
Enforce strong password policies and consider encryption for sensitive data transmission.

Patching and Updates

Apply security patches provided by Libre Wireless to address the vulnerability.